DETAILED ACTION
Status of Claims: 

Claims 1-20 are pending in this Office Action. 

Specification 

1. The use of the trademark WINDOWS and ORACLE has been noted in this
application. It should be capitalized wherever it appears and be accompanied by the 
generic terminology. 

Although the use of trademarks is permissible in patent applications, the 
proprietary nature of the marks should be respected and every effort made to prevent 
their use in any manner which might adversely affect their validity as trademarks. 

2. The abstract of the disclosure does not commence on a separate sheet in 
accordance with 37 CFR 1.52(b)(4). A new abstract of the disclosure is required and
must be presented on a separate sheet, apart from any other text. 

Claim Rejections - 35 USC § 101 

3. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

The claimed invention is directed to non-statutory subject matter. Claims 1-4 and 19-20
may be interpreted as software per se. It claims a system and a means for without
hardware embodiment. Examiner in view of the specification paragraph [0014] "The
present invention is advantageous in that it is cost-effective and provides a
software-only solution with centralized control for network-wide monitoring", interprets it as
software and not in a statutory category.



Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

5. Claims 1-20 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Dauerer et al. (US 5,627,967 A) in view of Noy et al. (US 6,539,540 B1).

Claim 1 

Dauerer et al. teaches a data network management system for identifying 
unauthorized access to a data network service (Column 5 Lines 36-47, "Only when 
no duplicate user identifications are detected, the invention checks for invalid 
user identifications. These invalid user identifications might come into existence 
when an authorization has been terminated in any one of several ways"), provided 
at a service node in a data network, by a user node in said data network (Column 3 
Lines 1-4, "It is another object of the present invention to provide a control 
arrangement for a file access control system which will automatically monitor and
update all lists of authorized users"), said service node having an agent and having
means for maintaining a user access list, said user access list having at least one data 
network address corresponding to at least one user node in said data network (Column 
3 lines 41-45, "at least one list of the plurality of lists corresponding to each mini- 
disk"), said system comprising: 

a database for maintaining an authorized access list for said service node 
(Column 6 lines 14-18, "processed master list 36 and creates disk lists of users 
for each mini-disk contained in the master list and communicates these lists to 
the master file 12 where they are stored in files (e.g. L193, L198) corresponding to 
the associated mini-disk"); and 

a data processing means for comparing said user access list to said authorized 
access list (Column 7 line 55, "The new list is checked against the previous list at 
306") and for updating said authorized access list, based on the user access list 
retrieved from said agent (Column 7-8 lines 66-3, "Any differences between the old 
and new lists detected at 306 are then categorized as to the type of change at 308 
and 312. If a user ID is on the old list but not the new list, a delete command is 
issued at 310 to the RACF controller 18 and the master file 12, illustrated 
collectively as 320 in FIG. 3"). 

Dauerer et al. fails to teach a data communication means for periodically polling 
said agent at said service node and for retrieving a user access list from said agent.

However, Noy et al. teaches in Column 1 line 30, "an SNMP manager will
periodically poll an agent 30" in order to detect changes in information for a particular 
network device (Column 1 lines 31-32). 

It would have been obvious to one of ordinary skill in the art at the time of 
invention to create the invention of Dauerer et al. to include "an SNMP manager will 
periodically poll an agent 30" as taught by Noy in order to detect changes in information 
for a particular network device (Column 1 lines 31-32). 

Claim 2 

The modified Dauerer teaches claim 1.

Dauerer et al. does not teach wherein said agent is a Simple Network
Management Protocol agent.

Noy et al. teaches in Column 1 lines 62-63, "receiving a first response to the
request from the SNMP agent" in order to detect changes in information for a particular 
network device (Column 1 lines 31-32). 

It would have been obvious to one of ordinary skill in the art at the time of 
invention to create the invention of Dauerer et al. to include "receiving a first response to 
the request from the SNMP agent" as taught by Noy in order to detect changes in 
information for a particular network device (Column 1 lines 31-32).

Claim 3

The modified Dauerer teaches claim 1.

Dauerer et al. does not teach wherein said data communication means is a
Simple Network Management Protocol communication.

Noy et al. teaches in Column 1 lines 47-49, "The present invention seeks to
provide novel methods and apparatus for optimizing Simple Network Management 
Protocol (SNMP) requests" in order to provide a greater efficiency than is currently 
known in the art. (Column 1 lines 49-50). 

It would have been obvious to one of ordinary skill in the art at the time of 
invention to create the invention of Dauerer et al. to include "novel methods and 
apparatus for optimizing Simple Network Management Protocol (SNMP) requests" as 
taught by Noy in order to detect changes in information for a particular network device 
(Column 1 lines 31-32). 

Claim 4

The modified Dauerer teaches claim 1.

Dauerer et al. does not teach further including means for installing said agent at
said service node, said agent having means to communicate with said data 
communication means. 

Noy et al. teaches in Column 1 lines 19-20, "SNMP includes two main elements:
managers and agents" in order to provide for a manager to receive information from an 
agent (Column 1 lines 27-29). 

It would have been obvious to one of ordinary skill in the art at the time of 
invention to create the invention of Dauerer et al. to include "two main elements: 
managers and agents" as taught by Noy in order to provide for a manager to receive 
information from an agent (Column 1 lines 27-29). 

Claim 5 

Dauerer et al. teaches a method for identifying unauthorized access to a data 
network service (Column 5 Lines 36-47, "Only when no duplicate user 
identifications are detected, the invention checks for invalid user identifications. 
These invalid user identifications might come into existence when an 
authorization has been terminated in any one of several ways"), provided at a 
service node in a data network, by a user node in said data network (Column 3 Lines 
1-4, "It is another object of the present invention to provide a control arrangement 
for a file access control system which will automatically monitor and update all 
lists of authorized users"), said service node having an agent and having means for
maintaining a user access list, said user access list having at least one data network
address corresponding to at least one user node in said data network (Column 3 lines 
41-45, "at least one list of the plurality of lists corresponding to each mini-disk" 
and Column 6 lines 14-18, "processed master list 36 and creates disk lists of 
users for each mini-disk contained in the master list and communicates these 
lists to the master file 12 where they are stored in files (e.g. L193, L198) 
corresponding to the associated mini-disk"), said method comprising: 

b) comparing said user access list to an authorized access list (Column 7 line 
55, "The new list is checked against the previous list at 306"); 

c) determining if an access to said service node was unauthorized based on 
comparing said user access list to the authorized access list: d) if said access 
was not authorized, initiating a notification process: wherein said user access
list identifies a plurality of accesses to said service node (Column 5 Lines 50- 
67, "The manner in which invalid user identifications are found is not 
particularly important to the practice of the invention but could be done, 
for example, by comparison of access authorization or password change 
dates, user ID invalidation lists, etc. or a plurality of such user data items. 
The important fact, from a practical point of view is that any suspected 
invalid user ID will be reported to the authorization administrator each 
time the master list is updated and resolution of all suspected invalid 
user ID's will be required before access is granted to the system.").

Dauerer et al. fails to teach a) periodically polling an agent and retrieving said
user access list, for a given period of time, from said service node in said data network. 

However, Noy et al. teaches in Column 1 line 30, "an SNMP manager will 
periodically poll an agent 30" in order to detect changes in information for a particular 
network device (Column 1 lines 31-32). 

It would have been obvious to one of ordinary skill in the art at the time of 
invention to create the invention of Dauerer et al. to include "an SNMP manager will 
periodically poll an agent 30" as taught by Noy in order to detect changes in information 
for a particular network device (Column 1 lines 31-32). 

Claim 6 

The modified Dauerer et al. teaches the method as defined in claim 5, further 
including updating said authorized access list based on said user access list retrieved 
from said service node (Column 7-8 lines 66-3, "Any differences between the old 
and new lists detected at 306 are then categorized as to the type of change at 308 
and 312. If a user ID is on the old list but not the new list, a delete command is 
issued at 310 to the RACF controller 18 and the master file 12, illustrated 
collectively as 320 in FIG. 3"). 



Claim 7

The modified Dauerer teaches claim 5.

Dauerer et al. does not teach installing said agent at said user node, prior to 
periodically polling and retrieving said user access 

Noy et al. teaches in Column 1 lines 19-20, "SNMP includes two main elements:
managers and agents" in order to provide for a manager to receive information from an 
agent (Column 1 lines 27-29). 

It would have been obvious to one of ordinary skill in the art at the time of 
invention to create the invention of Dauerer et al. to include "two main elements: 
managers and agents" as taught by Noy in order to provide for a manager to receive 
information from an agent (Column 1 lines 27-29). 

Claim 8 

The modified Dauerer et al. teaches the method as defined in claim 5, further 
including selecting said service node for identification based on a predetermined 
criteria, prior to retrieving said user access list (Column 8 Lines 31-38, "Once the 
authorization administrator has edited the master list 26 and issued an immediate 
change command at 322, a check is made to determine if the disk lists involved 
are available and, as before, branches to end 326 under the error condition of the 
unavailability of the lists. If the appropriate lists are available, the disk lists are 
updated beginning at step 302, as described above").

Claim 9

The modified Dauerer et al. teaches the method as defined in claim 5, wherein 
said notification process comprises notifying a Network Operations Console (Column 5 
Lines 50-67, "The important fact, from a practical point of view is that any 
suspected invalid user ID will be reported to the authorization administrator each 
time the master list is updated and resolution of all suspected invalid user ID's 
will be required before access is granted to the system"). 

Claim 10 

The modified Dauerer et al. teaches the method as defined in claim 5, wherein a) 
through c) are repeated, and wherein said user node is selected from one of a plurality 
of user nodes in said data network (Column 5 lines 2-15, "Access to the system to 
update mini-disk access lists and an existing processed master list 36, reflecting 
the mini-disk access lists, to correspond to an updated master list 26 can be 
deferred until such time as access by a user is actually required. For instance, the 
updating of the master list within the system can be carried out on a regular 
schedule when user traffic is low and thus avoid conflicts with needs for the 
system by users").

Claim 11

The modified Dauerer et al. teaches the method as defined in claim 5, wherein a) 
through d) are repeated, and wherein said user node is selected from one of a plurality 
of user nodes in said data network (Column 5 lines 2-15, "Access to the system to 
update mini-disk access lists and an existing processed master list 36, reflecting 
the mini-disk access lists, to correspond to an updated master list 26 can be 
deferred until such time as access by a user is actually required. For instance, the 
updating of the master list within the system can be carried out on a regular 
schedule when user traffic is low and thus avoid conflicts with needs for the 
system by users"). 

Claim 12 

The modified Dauerer teaches claim 5. 

Dauerer et al. does not teach wherein said agent is a Simple Network
Management Protocol agent.

Noy et al. teaches in Column 1 lines 62-63, "receiving a first response to the
request from the SNMP agent" in order to detect changes in information for a particular 
network device (Column 1 lines 31-32). 

It would have been obvious to one of ordinary skill in the art at the time of 
invention to create the invention of Dauerer et al. to include "receiving a first response to
the request from the SNMP agent" as taught by Noy in order to detect changes in
information for a particular network device (Column 1 lines 31-32). 

Claim 13 

Dauerer et al. teaches a computer-readable medium for identifying unauthorized 
access to a data network service (Column 5 Lines 36-47, "Only when no duplicate 
user identifications are detected, the invention checks for invalid user 
identifications. These invalid user identifications might come into existence when 
an authorization has been terminated in any one of several ways"), provided at a 
service node in a data network, by a user node in said data network (Column 3 Lines 
1-4, "It is another object of the present invention to provide a control arrangement 
for a file access control system which will automatically monitor and update all 
lists of authorized users"), said service node having an agent and having means for 
maintaining a user access list, said user access list having at least one data network 
address corresponding to at least one user node in said data network (Column 3 lines 
41-45, "at least one list of the plurality of lists corresponding to each mini-disk" 
and Column 6 lines 14-18, "processed master list 36 and creates disk lists of 
users for each mini-disk contained in the master list and communicates these 
lists to the master file 12 where they are stored in files (e.g. L193, L198) 
corresponding to the associated mini-disk"), and said medium having stored
thereon, computer-readable and computer-executable instructions which, when
executed by a processor, cause said processor to perform steps comprising: 

b) comparing said user access list to an authorized access list (Column 7 line 
55, "The new list is checked against the previous list at 306"); 

c) determining if an access to said data network service was authorized based on 
said comparison step b); d) if determined that said access was unauthorized,
initiating a notification process (Column 5 Lines 50-67, "The manner in 
which invalid user identifications are found is not particularly important 
to the practice of the invention but could be done, for example, by 
comparison of access authorization or password change dates, user ID 
invalidation lists, etc. or a plurality of such user data items. The 
important fact, from a practical point of view is that any suspected invalid 
user ID will be reported to the authorization administrator each time the 
master list is updated and resolution of all suspected invalid user ID's 
will be required before access is granted to the system."). 

Dauerer et al. fails to teach a) periodically polling an agent and retrieving said 
user access list, for a given period of time, from said service node in said data network. 

However, Noy et al. teaches in Column 1 line 30, "an SNMP manager will 
periodically poll an agent 30" in order to detect changes in information for a particular 
network device (Column 1 lines 31-32).

It would have been obvious to one of ordinary skill in the art at the time of
invention to create the invention of Dauerer et al. to include "an SNMP manager will 
periodically poll an agent 30" as taught by Noy in order to detect changes in information 
for a particular network device (Column 1 lines 31-32). 

Claim 14 

The modified Dauerer et al. teaches the computer-readable medium as defined 
in claim 13, further containing computer-readable and computer-executable instructions 
which perform a step of updating said authorized access list based on user access 
information (Column 7-8 lines 66-3, "Any differences between the old and new lists 
detected at 306 are then categorized as to the type of change at 308 and 312. If a 
user ID is on the old list but not the new list, a delete command is issued at 310 to 
the RACF controller 18 and the master file 12, illustrated collectively as 320 in 
FIG. 3"). 

Claim 15 

The modified Dauerer teaches claim 13. 

Dauerer et al. does not teach further containing computer-readable and 
computer-executable instructions which perform a step of installing said agent at said 
user node, prior to retrieving said user access list in step a).

Noy et al. teaches in Column 1 lines 19-20, "SNMP includes two main elements:
managers and agents" in order to provide for a manager to receive information from an 
agent (Column 1 lines 27-29). 

It would have been obvious to one of ordinary skill in the art at the time of 
invention to create the invention of Dauerer et al. to include "two main elements: 
managers and agents" as taught by Noy in order to provide for a manager to receive 
information from an agent (Column 1 lines 27-29). 

Claim 16 

The modified Dauerer et al. teaches the computer-readable medium as defined 
in claim 13, further containing computer-readable and computer-executable instructions 
wherein said steps a) through c) are repeated, and wherein said user node is selected 
from one of a plurality of user nodes in said data network (Column 5 lines 2-15, 
"Access to the system to update mini-disk access lists and an existing processed 
master list 36, reflecting the mini-disk access lists, to correspond to an updated 
master list 26 can be deferred until such time as access by a user is actually 
required. For instance, the updating of the master list within the system can be 
carried out on a regular schedule when user traffic is low and thus avoid conflicts 
with needs for the system by users").

Claim 17

The modified Dauerer teaches claim 13. 

Dauerer et al. does not teach wherein said agent is a Simple Network
Management Protocol agent.

Noy et al. teaches in Column 1 lines 62-63, "receiving a first response to the
request from the SNMP agent" in order to detect changes in information for a particular 
network device (Column 1 lines 31-32). 

It would have been obvious to one of ordinary skill in the art at the time of 
invention to create the invention of Dauerer et al. to include "receiving a first response to 
the request from the SNMP agent" as taught by Noy in order to detect changes in 
information for a particular network device (Column 1 lines 31-32). 

Claim 18 

Dauerer et al. teaches a computer for use in a data network for identifying 
unauthorized access to a data network service (Column 5 Lines 36-47, "Only when 
no duplicate user identifications are detected, the invention checks for invalid 
user identifications. These invalid user identifications might come into existence 
when an authorization has been terminated in any one of several ways"), provided 
at a service node in a data network, by a user node in said data network (Column 3 
Lines 1-4, "It is another object of the present invention to provide a control
arrangement for a file access control system which will automatically monitor and
update all lists of authorized users"), said service node having an agent and having 
means for maintaining a user access list, said user access list having at least one data 
network address corresponding to at least one user node in said data network, said 
computer comprising: means for storing an authorized access list for said service node 
(Column 3 lines 41-45, "at least one list of the plurality of lists corresponding to 
each mini-disk" and Column 6 lines 14-18, "processed master list 36 and creates 
disk lists of users for each mini-disk contained in the master list and 
communicates these lists to the master file 12 where they are stored in files (e.g. 
L193, L198) corresponding to the associated mini-disk"); 

a central processing unit (See Figure 1 #14, "CPU"). 

data processing means for comparing said retrieved user access list to said 
authorized access list (Column 7 line 55, "The new list is checked against 
the previous list at 306") and for updating said authorized access list based 
on the user access list retrieved from said agent (Column 7-8 lines 66-3, 
"Any differences between the old and new lists detected at 306 are then 
categorized as to the type of change at 308 and 312. If a user ID is on the 
old list but not the new list, a delete command is issued at 310 to the 
RACF controller 18 and the master file 12, illustrated collectively as 320 
in FIG. 3").

Dauerer et al. fails to teach a data communication means for periodically polling
said agent at said service node and for retrieving a user access list from said agent. 

However, Noy et al. teaches in Column 1 line 30, "an SNMP manager will 
periodically poll an agent 30" in order to detect changes in information for a particular 
network device (Column 1 lines 31-32). 

It would have been obvious to one of ordinary skill in the art at the time of 
invention to create the invention of Dauerer et al. to include "an SNMP manager will 
periodically poll an agent 30" as taught by Noy in order to detect changes in information 
for a particular network device (Column 1 lines 31-32). 

Claim 19 

The modified Dauerer et al. teaches the data network as defined in claim 1,
wherein said authorized access list is a common authorized user access list, that 
includes a range of user nodes for comparing to said user access list to determine if 
said user access list is a subset of said common authorization access list (Column 3 
lines 41-45, "at least one list of the plurality of lists corresponding to each mini- 
disk" and Column 6 lines 14-18, "processed master list 36 and creates disk lists 
of users for each mini-disk contained in the master list and communicates these 
lists to the master file 12 where they are stored in files (e.g. L193, L198) 
corresponding to the associated mini-disk").

Claim 20

The modified Dauerer et al. teaches the data network management
system of claim 1 wherein said user access list identifies a plurality of accesses to said 
service node (Column 3 Lines 1-4, "It is another object of the present invention to 
provide a control arrangement for a file access control system which will 
automatically monitor and update all lists of authorized users" and See Fig. 4A). 

Response to Arguments 

6. Applicant's arguments with respect to claims 1-20 have been considered but are
moot in view of the new ground(s) of rejection. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to FARHAD ALI whose telephone number is (571)270-1920.
The examiner can normally be reached on Monday thru Friday, 7:30am to
5:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Jeffrey C. Pwu can be reached on (571) 272-6798. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Farhad Ali/
Examiner, Art Unit 2446 

/Jeffrey Pwu/ 

Supervisory Patent Examiner, Art Unit 2446 



